joseantmazonsb / linguard Goto Github PK
View Code? Open in Web Editor NEWA simple, yet powerful web GUI to manage your Wireguard server, powered by Flask.
Home Page: https://linguard.readthedocs.io
License: GNU General Public License v3.0
A simple, yet powerful web GUI to manage your Wireguard server, powered by Flask.
Home Page: https://linguard.readthedocs.io
License: GNU General Public License v3.0
Debian 10
└>lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 10 (buster)
Release: 10
Codename: buster
└>uname -a
Linux wginterface 4.19.0-17-amd64 #1 SMP Debian 4.19.194-2 (2021-06-21) x86_64 GNU/Linux
If you did intend to build this package from source, try installing a Rust compiler from your system package manager and ensure it is on the PATH during installation. Alternatively, rustup (available at https://rustup.rs) is the recommended way to download and update the Rust compiler toolchain.
This package requires Rust >=1.41.0.
----------------------------------------
Can't roll back cryptography; was not uninstalled
Command "/usr/bin/python3 -u -c "import setuptools, tokenize;__file__='/tmp/pip-install-jewgzdeg/cryptography/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-record-k3nzuegy/install-record.txt --single-version-externally-managed --compile" failed with error code 1 in /tmp/pip-install-jewgzdeg/cryptography/
[FATAL] Unable to install requirements.
also
[INFO] Setting up virtual environment...
./install.sh: line 102: virtualenv: command not found
./install.sh: line 103: /var/www/linguard/venv/bin/activate: No such file or directory
The profile page will show basic info about the user and will allow change of password.
If overwrite was disabled and is now enabled, the log file will be overwritten the next time the app boots up. Currently the log file is overwritten whenever the log settings are saved if overwrite is set to true.
The docker compose has both a ports section and network_mode = "host"
. You can have one or the other, but not both.
In the UI, the column to show when the last handshake for a peer was is always showing none even when wg show
lists it.
Steps to reproduce the behavior:
None
wg show
command. As long as a peer has connected previously it should show the latest handshake time.The UI should show the same time as the CLI wg show
command when looking at the peers Last Handshake column.
Add an option to import peers and interfaces from a wireguard file.
Also add an option to download the wireguard configuration files of interfaces just like it's done with peers.
Describe the bug
/usr/sbin/iptables
is mapped to container's iptables, so it adds iptables rules to container's, they aren't added to host's iptables, and so the routing does not work. I found a workaround by making it use /usr/sbin/iptables-legacy
instead.
I think the solution would be to use a different base image.
To Reproduce
Steps to reproduce the behavior:
Server:
When implementing SQL drivers, maybe implement an interface for additional connection types.
Page breaks if I put linguard to subdirectory of nginx reverse proxy.
It would be nice to have added support for reverse proxy subdirectory support.
The first time Linguard starts, after the admin password is set, a setup page will be displayed to help the user set the main global options.
The readme should not have a Docs page. Instead, the user will be referred to a a wiki
Make linguard platform agnostic and provide installation scripts for linux, windows and macOs
Linguard not showing correctly when configured to be served via nginx subdir reverse proxy.
Used configuration:
location /linguard/ {
# rewrite ^/linguard/(.*) /$1 break;
proxy_pass http://127.0.0.1:8080;
# proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
adding rewrite rule doesn't help.
If I press save to try and change the username or password, the banner will say "Logged in ."
Describe the bug
With systemd install, doesn't automatically set ip forwarding for ipv4. cat /proc/sys/net/ipv4/ip_forward output is 0.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
cat /proc/sys/net/ipv4/ip_forward output is 1.
Linguard is great, it just lacks a way to control the total traffic of the connecting user. In my case I do not want to exceed the traffic of my vps
The user will be able to select the gateway of their wireguard interfaces from a list when creating or editing such interfaces.
Use github actions/jenkins or any other CD/CI technology to automatize the process of building and testing the project
Coverage will only be reported for the main and dev branches.
Probably caused by the settings refactor
Only administrators will be able to interact with the UX.
Hence, the first time linguard is launched it will ask the user to create a password for the admin role. The user will be able to change its password later on through the profile page.
Is your feature request related to a problem? Please describe.
I would like to add an optional field when adding peers - AllowedIPs configuration
Describe the solution you'd like
Would also be great if it was based upon templates/pre-existing/pre-used (autocomplete maybe??) values.
Describe alternatives you've considered
Currently I'm manually edit each peer-config, which unfortunately makes the pre-existing QR-code generator unusable.
Additional context
I'm not that great of a python developer, but i'll make an effort in modifying this myself later this week...
Not really, it is just something I have noticed that I then change manually in every config file for my clients before enabling them. This would save time and make it easier.
When creating a peer, if a user enters an IP address without an subnet mask then upon saving it should automatically append /32
to that address to keep in inline with what Wireguard can accept/expect from those fields. If a user enters an IP address with their own /xx
subnet mask then upon saving it will simply save what they have entered.
This would allow it so when downloading a config file, the Interface Address
would be properly formatted in a CIDR format even if the user did not manually add the subnet mask.
Another consideration is to have this split into two field, a IP address and a CIDR range field. The IP field would be left as is but put a format validator on it to validate it is only IP addresses entered then have another field for a integer that is the CIDR range. This would default to 32 but allow the user to enter a valid CIDR range (0-32).
When exporting a configuration file or managing the server this would automatically be converted to a CIDR formatted field with the IP and CIDR range field being combined.
Either of the two above ideas would be fine in my books, and can just help police the values being exported and saved for the config values to a common format.
The user will be able to edit the uwsgi TLS settings via Linguard's UX.
Something similar to the display of the secret key used for authentication.
Is your feature request related to a problem? Please describe.
Yes and no, I am on dev branc and importing my existing config fails because i am using pre-shared keys i had to remove them
Describe the solution you'd like
The ability to use pre shared keys when setting up peers
The dashboard will show a traffic chart for peers and interfaces.
The dashboard will show information of every wg interface and peer.
The dashboard will show last login's date.
The dashboard will indicate the date Linguard was last started (this will reset every time linguard is restarted)
The settings page will allow the user to view and edit all global options available through the configuration file.
If the interfaces folder is changed, all interfaces will be stopped, the old folder will be deleted and the interfaces that were running before the changes will be brought up again,
If any log option is changed, the logger will apply the changes immediately.
Is your feature request related to a problem? Please describe.
Adding IPv6 Adresses needs editing the config files since theres no option in GUI.
Describe the solution you'd like
Adding the Option next to the IPv4 window so the VPN can listen on both.
(For Server and Peer settings)
Describe alternatives you've considered
Maybe change the IPv4 bracket to "IP" and make it optional to add IPv6 Adresses to this bracket.
Additional context
in conf file it looks like this (example of course)
[Interface]
Address = 127.0.0.1/24, ::1/64
Thanks :)
Allow an option to display a QR code based on the configuration file of a given peer.
IP addresses must be within the same network for all peers of a given interface
I use Keycloak and would love to have built in support. Using Flask-OIDC is probably the easiest to integrate.
Is your feature request related to a problem? Please describe.
When adding or removing peer the wireguard interface gets restarted causing everyone on vpn to got frozen connections for couple of seconds, which sometimes result in ssh sessions terminated. That is unnecessary, thare are commands to add new peer and to remove peer without reloading the whole configuration.
Describe the solution you'd like
Commands to add new peer and to remove peer without reloading the whole configuration:
wg set "wg-interface" peer "peer-public-key" remove
wg set "wg-interface" peer "peer-public-key" allowed-ips "ip_address"
Testing on a fresh hyper-v debian 11 guest vm.
I see how to set the port but what about the bind nic/adapter? Reason I ask is, It start and it looks like its running but on 127.0.0.1:8080 and I cant access via http://192.168.1.100:8080/. maybe im missing something. It's a headless vm with only ssh access.
either way im excited to play with this some more. looks promising.
Also found a type-o in install.sh on line 105 - replace requirements.txts with requirements.txt
pip3 install -r "${INSTALLATION_PATH}"/requirements.txt
Awesome work all around! 👍
~SOL
Via email maybe?
After installing and configuring (interface and peer), I connect correctly. But I don't have internet access.
Those. I can ping the interface and other peers, but I can't open or ping sites.
Installed on VPS.
Help, please, to solve a problem.
Page breaks if I put linguard to subdirectory of nginx reverse proxy.
It would be nice to have added support for reverse proxy subdirectory support.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.